Hi, i have a login script that checks if a user has a correct username and password in a cookie, if it doesnt i do a

header("Location: ./login.php");

i need to know if people can get around the header redirect, so that i can make this in a way that they cant get into my program if they arent logged in

tia

V@no.

01-13-2004, 12:41 PM

maybe put exit; after your header redirect

raf

01-13-2004, 01:47 PM

i need to know if people can get around the header redirect, so that i can make this in a way that they cant get into my program if they arent logged in
Yes, of course. If you make mistakes or if they steel/create a cookie, they can.

It all depends on what your code looks like before you do the redirect. If you have a careless or incorrect check there, then they get past it. ('getting around it' sounds a bit strange --> they can manipulate the cookie (or steal one) so that your conditions and checks that come before the redirect, all return True.
Or they can just use someone elses computer (with a cookie on it) and walk right in.

So you best encode the values inside the cookie and still require them to log if they want to perform more dangerous operations or see more sensitive information.

A special case is share hosting. A server can only read cookies that he set, but if another application on the same server sets a cookie with the same name ... so it's not completely impossible that someone that wants tohack in just takes an account on the same machine and sets a cookie on his own client with the same names as yours and then logs in on your app.
Or if you run 2 applications on a subdomain (free/low budget hosting etc) then this becomes more an issue to look into.

If you encode the valeus with a user-specific salt, that you store in the usertable, then that becomes quite hard (well, it'll require quite some computationpower anyway) and it should then be sufficiently secure for the data/services you want to protect (for stuf like a forum or so, it can be considered suficient, for ecommerce or so, it's not sufficient)